Back in March, LEB published Asking the Oracle, “Is ‘Always Free’ the future of the Low End?” The March article pointed out one of the main features of Oracle Cloud Free Tier: no credit card is required for billing. If no credit card is present, it means surprise billings are not likely to happen. Thus, Oracle’s Free Tier is differentiated from other large cloud providers, such as Amazon, from which reports of surprise or unexpected billings are not rare. Just search Google for AWS surprise billing and you will see what I mean.
I’ve had three instances running on Oracle Free Tier for months. There hasn’t been so much as a hiccup. Recently I decided to move my tiny, static, Low End website to the smallest Oracle Free Tier instance shape, VM.Standard.E2.1.Micro. This move saved me $60 per year — the $5 per month I had been paying for the VPS on which the site had been running. For extra fun, I also decided to try using Oracle Linux, the default operating system image on Oracle Cloud Free Tier.
Moving From Apache To Caddy
After I set up the Oracle Free Tier / Oracle Linux instance, I went ahead and installed Apache (called httpd in Oracle Linux). Apache is one of the leading web servers. So it’s unsurprising that, over the years, Apache has satisfied my very simple requirements. Indeed, the basic Apache install in Oracle Free Tier seemed to work just fine.
The next step was to install Certbot or Certbun so I could get a Let’s Encrypt certificate. Searching “install certbot oracle linux” on Google (without the quotes) shows the first two results as:
- Let’s Encrypt – Free Certificates on Oracle Linux (CertBot), and
- Free SSL Certificates In The Oracle Cloud Using CertBot And Let’s Encrypt.
The end of the second article has a link to the first plus a note suggesting that following the first article would result in Python errors. The second article suggests using “Other Unix” Certbot instructions for a stand alone certificate. Also, both articles focus on Oracle Linux 7, and my instance was installed with Oracle Linux 8.
Caddy webserver is well known for having automatic https. It seemed easier to try Caddy than to navigate the Certbot install and configuration for Apache on a different version of Oracle Linux than covered in the articles Google found. So I removed Apache and tried Caddy.
Installing Caddy
The Caddy website has Caddy Install Documentation for Fedora, RedHat, and CentOS. Since Oracle Linux is in the Fedora / Red Hat / CentOS / Rocky / Alma family, I imagined the Caddy website’s instructions might work on Oracle Linux. The install succeeded when I followed the Caddy website’s instructions.
[opc@instance-20220717-1620 ~]$ sudo dnf update
sudo dnf install 'dnf-command(copr)'
Last metadata expiration check: 0:13:50 ago on Sun 18 Sep 2022 04:38:59 AM GMT.
Package dnf-plugins-core-4.0.21-11.0.1.el8.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[opc@instance-20220717-1620 ~]$ sudo dnf copr enable @caddy/caddy
Enabling a Copr repository. Please note that this repository is not part
of the main distribution, and quality may vary.
The Fedora Project does not exercise any power over the contents of this repository beyond the rules outlined in the docs, and packages are not held to any quality or security level.
Please do not file bug reports about these packages in Fedora
Bugzilla. In case of problems, contact the owner of this repository.
Do you really want to enable copr.fedorainfracloud.org/@caddy/caddy? [y/N]: y
Repository successfully enabled.
[opc@instance-20220717-1620 ~]$ sudo dnf install caddy
Copr repo for caddy owned by @caddy 2.5 kB/s | 1.5 kB 00:00
Dependencies resolved.
===================================================================
Package
Arch Version Repository Size
===================================================================
Installing:
caddy x86_64 2.5.2-1.el8 copr:copr.fedorainfracloud.org:group_caddy:caddy 12 M
Transaction Summary
===================================================================
Install 1 Package
Total download size: 12 M
Installed size: 45 M
Is this ok [y/N]: y
Downloading Packages:
caddy-2.5.2-1.el8.x86_64.rpm 7.7 MB/s | 12 MB 00:01
-------------------------------------------------------------------
Total 7.7 MB/s | 12 MB 00:01
Copr repo for caddy owned by @caddy 7.5 kB/s | 994 B 00:00
Importing GPG key 0xD605147E:
Userid : "@caddy_caddy (None) "
Fingerprint: 4A76 F92F F6D4 0440 F8FC 4F36 C521 91B1 D605 147E
From : https://download.copr.fedorainfracloud.org/results/@caddy/caddy/pubkey.gpg
Is this ok [y/N]: y
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: caddy-2.5.2-1.el8.x86_64 1/1
Installing : caddy-2.5.2-1.el8.x86_64 1/1
Running scriptlet: caddy-2.5.2-1.el8.x86_64 1/1
Verifying : caddy-2.5.2-1.el8.x86_64 1/1
Installed:
caddy-2.5.2-1.el8.x86_64
Complete!
[opc@instance-20220717-1620 ~]$
Check That Caddy Is Working
Caddy worked enough to tell me its version, so I went ahead and started it. Since I didn’t enable caddy (with sudo systemctl enable caddy
), Caddy wouldn’t restart automatically after reboots. But I wasn’t ready to enable Caddy until after more testing.
[opc@instance-20220717-1620 ~]$ caddy version
v2.5.2 h1:eCJdZyEyAl2zuQTab8Mh3gETnYWDClo1Ljtg42q9RNZrs=
[opc@instance-20220717-1620 ~]$ sudo systemctl start caddy
Next, I asked systemd for caddy’s status.
[opc@instance-20220717-1620 ~]$ sudo systemctl status caddy
● caddy.service - Caddy
Loaded: loaded (/usr/lib/systemd/system/caddy.service; disabled; vendor preset:>
Active: active (running) since Sun 2022-09-18 05:14:22 GMT; 16s ago
Docs: https://caddyserver.com/docs/
Main PID: 2177906 (caddy)
Tasks: 7 (limit: 3853)
Memory: 15.6M
CGroup: /system.slice/caddy.service
└─2177906 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: JOURNAL_STREAM=9:59150281
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: {“level”:”info”,”ts”:166347>
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: {“level”:”info”,”ts”:166347>
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: {“level”:”warn”,”ts”:166347>
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: {“level”:”info”,”ts”:166347>
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: {“level”:”info”,”ts”:166347>
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: {“level”:”info”,”ts”:166347>
Sep 18 05:14:22 instance-20220717-1620 systemd[1]: Started Caddy.
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: {“level”:”info”,”ts”:166347>
Sep 18 05:14:22 instance-20220717-1620 caddy[2177906]: {“level”:”info”,”ts”:166347>
lines 1-20/20 (END)
[opc@instance-20220717-1620 ~]$
Then I took a look at Caddy’s default web page in the Lynx command line browser.
Further Steps
Caddy’s default web page was nice enough to tell me about the additional steps which were required to get my site fully working with an automatically issued security certificate. These steps include: updating DNS records to point to the new server, moving my site’s files from the old server to the new server, adjusting the configuration in the Caddyfile, and restarting Caddy.
After I transferred the files, SELinux initially blocked Caddy from accessing them. Upcoming articles will cover both transferring the files and adjusting the initial SELinux blocks.
Additionally, although it wasn’t mentioned in Caddy’s default web page, I wanted to start logging. Logging required an additional change to the Caddyfile as well as addressing an additional SELinux block. More on logging and the second SELinux block in another article soon!
Additional Helpful References
How to Host a Website in Oracle Cloud Free Tier
How to Install and Configure Caddy Web Server with PHP on Oracle Linux 8
Related Posts:
- What is “aria-label”? And why you need to use it. - August 12, 2024
- HostSailor Greenhouse (NL) Fujitsu Primergy Dedicated Server Review - October 23, 2022
- How Much Faster Is Making A Tar Archive Without Gzip? - October 7, 2022
Leave a Reply